Card, mobile credential, payment and security
The bill that would enable students at virtually all Virginia universities to donate their unused meal plan credits fell just short of passing this year. State lawmakers voted to continue debating the proposal – supported by the nonprofit Swipe Out Hunger organization – in the 2027 session.
The bill was introduced by Senate Democrat Danica Roem and would have allowed students to voluntarily donate their unused meal swipes. The meals could then be distributed to other students for redemption at campus dining halls or on-campus food pantries.
The proposed legislation hoped to build on Roem’s 2025 legislative success that established the Hunger-Free Campus Food Pantry Grant Program. It provides funding to support campus food pantries at public and qualifying private higher education institutions in the state.
The new bill would have required universities to allow students to donate meal swipes in order to receive funding from the state's Food Pantry Grant Program
In both 2025 and 2026, the grant program distributed $500,000. In 2026, pantries at 48 different institutions received between $6,000 and $15,000 awards.
Had the new bill passed, it would have required universities to allow students to donate their swipes in order to remain in the Food Pantry Grant Program and receive funding.
The efforts were shaped and supported in part by the ongoing work of the nonprofit organization Swipe Out Hunger. Largely via student engagement, Swipe Out Hunger works with institutions and legislators to address student food insecurity. To date, they have facilitated the provision of more than 20 million meals at 900 campuses throughout the country.
Two thirds of Virginia’s public colleges report that 25% to 50% of their students experience food insecurity, but just 40% have any funding for resources and services.
On the advocacy front, they have helped a dozen states pass Hunger Free Campus legislation. These include:
According to the organization, two thirds of Virginia’s public colleges report that 25% to 50% of their students experience food insecurity. Still, just 40% have any funding allocated to student food security resources and services.
Despite passing unanimously in the Virginia Senate, the bill stalled in the House Appropriations Committee.
Roem attributes the setback primarily to political dynamics between the two legislative chambers rather than concerns over cost.
Students by and large are 18 years and older, they’re adults. Choosing what to do with their meal plans, that’s their choice.
In an article in the Commonwealth Times, she says some legislators took issue with the idea of students donating swipes paid for by their parents.
She dismisses that argument, however, suggesting it assumes all students come from traditional middle-and-upper class families. It ignores the fact that many students put themselves through college with alternative funding sources.
“Students by and large are 18 years and older, they’re adults,” she says. “Choosing what to do with their meal plans, that’s their choice – and if their parent happens to pay for the meal plan, then that’s a conversation they can have with their parent.”
Senator Roem remains committed to continue the effort in 2027 working to get both chambers on board.
The University of Texas at Austin is preparing to launch mobile student IDs beginning in the 2027–28 academic year. The initiative, driven by strong student demand and backed by university leadership, will allow students, faculty, and staff to access campus services using credentials stored in their mobile wallets.
Spearheaded by Student Government leadership, the effort marks the culmination of years of student advocacy. They first began pushing for mobile IDs back in 2018, but recent Student Government legislation formally set the project in motion.
Student Government says the project represents a long-standing student vision now becoming reality through collaboration with university administrators
When the program launches in fall 2027, digital IDs will be delivered through the MyUT platform and integrated into Apple Wallet and Android Wallet. Users will be able to tap their phones to enter buildings, access residence halls, check out library materials, attend events, and make purchases at campus dining and retail locations. Physical cards will remain available at least through a transition period.
On campus, surveys conducted by Student Government show overwhelming support for replacing physical IDs with mobile alternatives – particularly among residential students who rely on their credentials multiple times per day.
The road to digital ID
For student leaders, the initiative is about aligning campus infrastructure with modern expectations. In a statement, the Student Government president and vice president say that the project represents a long-standing student vision now becoming reality through collaboration with university administrators.
At its core, the Digital ID initiative is designed to create a more connected and frictionless campus experience. University officials describe two guiding pillars: improving campus connection and building a technology foundation that unlocks long-term value.
From a user perspective, the benefits are immediate. Mobile credentials reduce the everyday friction of forgotten or misplaced cards and eliminate lost card replacement fees. The system is also expected to improve residential life by minimizing dorm lockouts and strengthening access control.
Beyond convenience, the university says the initiative sets a foundation for broader digital transformation. By consolidating identity, access, and payments into a single mobile experience, UT Austin aims to create a more seamless user experience and technology ecosystem.
They also point to potential cost savings, with reduced spending on card production and fewer replacement fees for students.
The rollout will follow a phased approach. The initiative is currently in a feedback and discovery stage, with design and development scheduled for the 2026-27 academic year. A full student launch is planned for fall 2027, followed by expansion to faculty and staff in spring 2028.
We all know campus card programs generate a constant stream of data, and each interaction creates a digital record. Protecting this data and the individuals involved –our students, faculty, and staff – is a crucial responsibility.
How institutions can best respond to this challenge was the focus of a recent NACCU webinar and article featuring by Erin Williams, Manager of Access & Privacy at the University of Calgary. Her message was clear: protecting data requires more than security controls – it demands strong information governance.
Information governance (IG) is the overarching framework that connects people, processes, and technology across the entire lifecycle of data. It goes beyond security or compliance alone, encompassing how information is created, stored, used, shared, retained, and ultimately destroyed.
“It is how we manage information and data in a way that complies with required regulations and best practices,” says Williams. “Think of it as like the rules of the road or the guardrails.”
Technology evolves faster than legislation, and campuses that lead with strong governance will be better positioned to meet both current and future requirements.
One part of that framework, data governance, focuses on structure and standards that protect individual privacy.
“Data governance is a subset of information governance that focuses on specifics like data quality and access,” she explains. “This role is often housed often in IT because they're usually the ones that manage the infrastructure, architecture, and data warehouses.”
Another part, security, provides the technical and administrative safeguards. While these disciplines are often discussed separately, Williams suggests that they must function together to build trust and reduce risk.
A key takeaway from the webinar was the need for a proactive mindset. Rather than waiting for regulations to dictate action, institutions should adopt best practices early. Technology evolves faster than legislation, and campuses that lead with strong governance will be better positioned to meet both current and future requirements.
Campus card environments are particularly challenging to govern due to their complexity. Both their reach and data are often decentralized, involving multiple departments with varying practices. At the same time, they are highly integrated, relying on third-party vendors and APIs that can introduce vulnerabilities.
Card offices frequently store data for extended periods “just in case,” which expands the potential impact of a breach.
Long data retention practices further increase risk. Card offices frequently store data for extended periods “just in case,” which expands the potential impact of a breach. The combination of decentralized ownership, deep integrations, and large data stores makes campus card systems attractive targets.
The article outlines a pragmatic approach that campus card programs can implement without significant new resources. It begins with creating a simple system and data map that identifies key systems, the types of data they hold, and access controls. This foundational step enables better decision-making across the organization.
Many breaches originate from third-party vendors, so it essential to have clear requirements around data handling and security.
Next, institutions should strengthen procurement and integration processes. Many data incidents originate from third-party vendors, making it essential to establish clear requirements around data handling, security, and breach response.
Reducing unnecessary data retention is another high-impact step. Routine cleanup of exported reports and files, along with defined retention schedules, can significantly limit exposure.
Preparation is equally important. Conducting regular tabletop exercises helps teams understand how to respond to incidents before they occur. These simulations clarify roles, communication pathways, and technical responses in a controlled setting.
To learn more about information governance for your card program and explore a detailed 90-day step-by-step plan to improve information governance, check out the article and webinar.
For years, campus technology leaders have discussed the coming shift to cloud-based systems, flexible credential options, and non-proprietary hardware and solutions. According to Danny Smith, owner of ColorID, that transformation is no longer theoretical – it’s happening now, and it is fundamentally changing how universities think about identity infrastructure.
“Even before the pandemic, when we were hosting identity summits, we talked about how cloud-based solutions and mobile credentials were going to reshape the industry,” Smith says. “We knew it would happen, but we also knew it would take time.”
Today, many campuses are reaching the point where those predictions are becoming reality.
Over the past several years, IT departments have become far more involved in campus identity ecosystems. As institutions evaluate long-term technology strategies, Smith says many are beginning to move beyond the traditional one-card model that centralized multiple campus services under a single vendor platform.
Identity becomes the foundation, and everything else connects to it.
He describes the emerging approach as independent identity infrastructure, where identity serves as the central layer connecting multiple specialized systems.
Applications that rely on credentials – housing, dining, recreation, visitor management, and access control – can operate independently rather than being tied to a single vendor ecosystem.
Historically, campus one-card systems functioned as the hub for a wide range of services, from dining and vending to building access and campus payments. Vendors built platforms designed to manage these services through centralized infrastructure.
While that model served campuses well for many years, Smith says it also created a level of technological lock-in that many institutions are now trying to avoid.
“Most one-card providers are fundamentally financial platforms – they’re payment processors,” he says. “There’s really no reason for a third-party payment platform to control a university’s entire identity infrastructure.”
In the architecture Smith describes, identity becomes the core and service providers connect to it as needed.
Universities want the freedom to choose the best solution for each service instead of being tied to one ecosystem.
“In a modern architecture, the one-card provider becomes just another consumer of identity,” he says. “Universities can still use those platforms for dining or payments, but they’re no longer locked into them.”
This approach allows institutions to select specialized best-of-breed vendors for specific services, link them to the university-owned identity layer, and replace them, if necessary, with minimal disruption.
According to Smith, this is where ColorID’s CardExchange platform fits in.
“With CardExchange, we provide the identity infrastructure layer that connects everything together,” he explains. “Key to this is that the institution controls it and owns their identity data.”
ColorID has worked in higher education for more than 25 years, helping campuses deploy ID systems and integrate technologies across their environments. He believes that experience positions the company to help institutions transition from legacy card systems to a more modern campus identity infrastructure.
The credential itself isn’t the breakthrough. The breakthrough is how identity connects every system on campus.
One part of that evolution involves mobile credentials. ColorID has certified integrations with Apple Wallet and Google Wallet, enabling them to help campuses issue digital credentials directly to smartphones.
But Smith cautions that mobile credentials alone are not the real transformation.
“Sometimes the industry focuses too much on the fact that the credential sits inside a phone,” he says. “The real value is what you can do with that credential – how it connects to systems and enables new services.”
Mobile credentials, he believes, are simply another form factor. The real innovation lies in the identity ecosystem surrounding them.
Roughly 50 campuses currently use CardExchange as part of their identity infrastructure, and adoption is accelerating as institutions begin evaluating modernization strategies.
“Many universities are still operating within older architectures,” he says. “The longer they wait to modernize, the more complicated and expensive that transition becomes.”
At the same time, the identity technology landscape is becoming more competitive as new vendors enter the higher education market. Smith sees this as a positive development.
“Competition validates the model,” he says. “It pushes all of us to improve our solutions and ultimately gives institutions more options.”
He believes identity is no longer a supporting technology, but rather, the core platform that connects campus systems.
“I think the identity-first architecture will become the standard model in higher ed and across large organizations,” he says. “Identity is the common denominator, and as institutions recognize that, it becomes the foundation that everything else builds around.”
The NACCU Annual Conference is fast approaching and the deadline to book your hotel rooms is March 25 at 11:00pm CST.
NACCU has secured special conference rates at two hotels – the Cincinnati Marriott at RiverCenter and the Hotel Covington. According to the association, however, the Marriott has limited remaining availability. All the more reason to book now.
Reservations are managed through the meetNKY Passkey system link. Visit this page at naccu.org and click on the “Reserve Your Room” button.
This is a boutique hotel rooted in local history. Originally a luxury department store built in 1907, it has been transformed into a hotel that blends historic charm with upscale comfort and is on the Kentucky Bourbon Trail.
Just a 10-minute walk from the convention center, it is surrounded by local dining and entertainment options for your off-hours. The conference's opening reception will be held at the hotel on Sunday evening. For additional convenience, NACCU will be providing a shuttle that will run between the convention center and Hotel Covington during conference hours Sunday through Wednesday.
Rooms are available in two distinct towers, with rates ranging between $165-$185++ per night. Learn more about Hotel Covington.
This hotel is connected to the convention center by skywalk. The room rate is $189++ per night. Learn more about the Marriott at RiverCenter. Availability is now limited at the Marriott.
If you have not yet registered for the conference, take a moment and secure your spot.
A new standard is here for smart locks and digital keys, but there are major questions about the impacts of Aliro in higher education. Launched in spring 2026, Aliro 1.0 was created by the Connectivity Standards Alliance (CSA) to move access control and mobile credentials away from propriety solutions to a new universal protocol.
This is not the first move toward interoperability systems from the CSA. The group previously released the Matter standard for smart home connectivity. Aliro is part of their wider effort to standardize digital keys from residential to commercial settings.
What sets Aliro apart is the lower barrier to implementation, consistent experience across devices, personal security, and industry collaboration. This is due to support from the world’s largest mobile wallet providers – Apple, Google, and Samsung. All have committed to supporting the standard, allowing Aliro-certified locks to be used with digital keys in any mobile wallet or smart device.
Apple, Google, and Samsung committed to supporting the standard, allowing Aliro-certified locks to be used with digital keys in any mobile wallet or smart device.
“Aliro is solving the fragmentation that has held back digital key adoption, replacing it with a single interoperability standard built through Alliance Member collaboration,” says Tobin Richardson, President and CEO, Connectivity Standards Alliance. “By connecting the access control industry directly to leading mobile wallet ecosystems, it delivers a secure, frictionless experience that goes well beyond the front door.”
Aliro doesn’t replace communication methods like Bluetooth or Near Field Communication (NFC). Rather it uses these communication protocols to handle a wider variety – and an interoperable variety – of secure access transactions.
According to the CSA, personal privacy was top of mind in Aliro’s development. It uses asymmetric cryptography, also known as public-key cryptography, to ensure secure, bidirectional communications between credentials and readers.
While it is still very early, proponents say Aliro could have a massive impact on the commercial market for mobile credentials, access control readers, and other smart devices.
In higher education, it could one day streamline implementation while affording institutions the flexibility to switch between compatible products from a variety of vendors.
For a university, postponing a system upgrade in anticipation of widely-supported Aliro availability would be a gamble.
Existing smart locks and access control readers do not currently support the standard and most are likely incapable of retrofitting to support it. This means new hardware from participating vendors will be required.
Because of this, while the 1.0 standard is a major accomplishment, it is still in its infancy.
The initial use cases will be in smart home applications, but it is not likely to be a near term solution for large scale mobile credential or infrastructure implementations.
Postponing a system upgrade in anticipation of widely-supported ecosystem for Aliro in higher education would be a gamble.
Still, some lock manufacturers are reported to be in the process of incorporating Aliro into their products, but these devices will need to be fully certified before use.
The CSA says that Apple, Allegion, Assa Abloy, Aqara, Google, HID, Kastle, Kwikset, Last Lock, Nordic Semiconductor, Nuki Home Solutions, NXP Semiconductors, Qorvo, Samsung, and STMicroelectronics will be among the first to achieve Aliro 1.0 certification.
Read more about Aliro 1.0 here, and access the full specification documents.
Year after year student expectations continue to rise, and the higher ed institutions that stay ahead of the curve leverage data to strategically improve their student experience. The Student Financial Experience Report, an annual survey commissioned by TouchNet, sheds light on how mobile payments, digital IDs, and other technology affect campus life.
The 2026 report surveyed 3,020 students from the U.S., U.K., Australia, and Canada. The findings explore student attitudes on the state of campus services and the features they wish to see implemented in the future. Tracking these shifting priorities will be essential to tailor services toward this increasingly diverse and tech-savvy student population.
Topics included in the report include:
Students across all markets report expending considerable effort managing financial responsibilities, but students in the U.S. are better off than their international counterparts. Only 29% of U.S. students say that managing financial-related activities at their institution requires very high effort, while the U.K. students lead at 57%.
Nearly all students across every market use mobile pay for everyday purchases, but students in the U.S. and Canada are slightly less frequent users, and overall students are less likely to “always use mobile payments” than they were in 2024.
Features such as payment reminders, instant notifications, easier refunds, and auto-payment systems are no longer luxuries; they’re necessities.
Still, two thirds of students regularly use mobile pay (e.g. Apple Pay, Google Pay) to pay for rent, utilities, and other expenses.
Mobile phones still dominate across the board for students accessing personal financial information, but students are more likely to prefer web portals over mobile apps when accessing their student account and tuition payment information.
Mobile applications are the dominant second choice overall, but the preferences are regional. U.K. students preferred mobile apps overall, the only set to do so.
Convenience and immediacy remain a key factor in student choices as “students increasingly expect seamless digital transactions,” according to the report.
Today's students are digital natives, used to managing almost every aspect of their lives through their mobile devices. Half of students surveyed in 2025 currently use some form of digital student ID, though only 20% of students rely solely on a digital ID.
Half of students surveyed in 2025 currently use some form of digital student ID.
Students in the U.S. exhibit a stronger attachment to physical IDs, with 54% still relying on traditional cards. Globally, students are more likely to prefer to use a digital student ID (42%) over a physical one (25%). One-third of students prefer the flexibility of having both a physical and digital ID.
Students overwhelmingly prefer their student ID to serve multiple functions. Highest on the list is mobile identification (54%) and academic building access (50%), but meal transactions, campus accounts, and residential building and parking access also rank highly on student priority lists.
Students increasingly expect easy access to mobile and digital solutions on campus. Features like payment reminders, instant notifications, easier refunds, and auto-payment systems are no longer luxuries; they’re necessities.
At 56%, payment reminders top the list of what students suggest would most improve their campus payment experience, but refunds, mobile notifications, and live chat options follow shortly behind.
One survey question asked, “If your institution could improve its technology for up to three student-related services, which ones would most enhance the experience for you and other students?”
Tuition/financial aid and course registration were the clear winners. Academic student support and dining options were selected by three in ten students, while non-tuition financial processes and on-campus stores were also mentioned.
Campus technology improvements are central to the student experience, and the report notes “students expect technology that reduces friction in administrative tasks.”
The shift towards mobile solutions is holding strong while reshaping how students manage their finances and campus movements. Understanding more about student behavior and preferences can help mold products and programs for better accessibility, productivity, and satisfaction on campus. Find additional information in the complete report by TouchNet.
Transact + CBORD formerly announced its new name, visual identity, and branding as Illumia at its Momentum annual user conference.
According to an announcement about the launch, the company powers payments, access, foodservice, and credentialing at more than 10,000 clients in higher education, healthcare, and senior living institutions.
"The Momentum conference is the right place to bring this brand to life for the first time, with clients and partners who have been part of this journey from the beginning," says Greg Brown, the company’s new CEO.
CEO Greg Brown and Chief Commercial Officer Laura Newell-McLaughlin kick off Momentum ’26, Illumia’s annual user conference, with a fireside chat.
At the event, Illumia also recognized its 2026 Distinction Award winners including both clients and partners. Honorees include:
"There's no better reminder of what this brand stands for than what happens when these organizations and partners work side by side – sharing ideas, solving problems, and making things easier for the people they serve,” says Brown.
Illumia is a business unit of Roper Technologies. Roper acquired CBORD in 2008 for $367 million at a time when CBORD supported 750 colleges and universities. In 2024, they added Transact at a $1.5 billion price tag.
The two companies have operated as Transact + CBORD for the 18 months following the August 2024 Transact acquisition.
FutureState, a new entrant to the campus credential, dining, and auxiliary service space, announced its new closed-loop, stored value and meal plan offering called BalanceU.
“FutureState’s BalanceU is designed to help colleges and universities lower operating costs, eliminate vendor lock-in, and gain real-time financial visibility across campus,” says Christopher Augustine, Co-Founder and Head of Product Development at FutureState.
It is hardware-agnostic so institutions can choose the front-end systems that best meet their goals without being constrained by legacy one-card architectures, he explains.
Because we are not weighed down with legacy codebase, we can iterate quicker to meet emerging needs like roll over meals and donated meals to food insecurity programs.
BalanceU eliminates some of the costs that are common in traditional meal plan environments, such as fixed POS integration fees, charges for access to real-time balance data, and forced hardware replacements.
Augustine says institutions only pay for what they use, and existing systems already deployed on campus can be redirected to operate with BalanceU.
FutureState began as a project at the University of Arizona.
In 2025, Arizona took a unique approach to campus transactions, identity, and mobile credentials. The institution created its own software ‘layer’ between the credential and the multitude of campus systems that consume the credential. At its most basic form, they created a hub that manages API endpoints.
It connects the wide array of services on the campus – access control, housing, campus rec, dining, retail, parking, attendance, events, vending, laundry – to the credential manager. Because the university controls this layer, they can swap out both the upstream credential manager as well as any downstream consuming system without disrupting the larger network.
It is a radical change from the way it has always been done in higher ed. Traditionally, the transaction system or the access control system managed these connections, and this locked the campus to that vendor.
The Arizona project was led by two of the leaders of Administrative and Auxiliary Operations, Sr. Director of IT Joe Harting and IT Project Manager Chris Augustine.
“What we built sounds basic and logical, but it is a radical change from the way it has always been done in higher ed,” says Harting. “Traditionally, the transaction system or the access control system managed these connections, and this locked the campus to that vendor.”
Harting believes they have upended an outdated model, and now they hope to help other institutions benefit from their work. In this pursuit, they founded a private company called FutureState.
In the same way that the company’s credential solution is designed to integrate the array of the wider campus vendor solutions, the FutureState meal plan solution connects to a broad range of dining-centric vendors.
Supported systems include:
Self-service retail integrations include:
FutureState founders say BalanceU provides free, unrestricted access to real-time meal plan and stored value balance data. This ensures institutions can power mobile apps, parent portals, analytics tools, and reporting systems without additional cost.
“Our goal from the beginning was to give institutions immediate access to their own data so they could do things like display balances and transaction history alongside the mobile credential,” says Augustine. “You shouldn’t have to negotiate with your transaction system provider or pay additional fees to use your campus data.”
With decades of experience in auxiliary services, Harting says he understands the complexities of meal plans.
“Because we built BalanceU from the ground up using an AI native development stack, we are able to incorporate the normal dining feature set as well as features I’d wished were available through my years running both card and meal plan offices,” explains Harting. “Because we are not weighed down with legacy infrastructure and codebase, we will also be able to iterate quicker to meet key emerging needs like roll over meals and donated meals to food insecurity programs.”
FutureState will showcase BalanceU at the NACCU Annual Conference in Covington, KY, April 19-22, 2026. They are seeking a small group of colleges and universities to pilot BalanceU in Fall 2026, ahead of general availability in Q1 2027.
Transact + CBORD (rebranding to Illumia in March 2026) announced a new agreement with sports and entertainment point-of-sale (POS) provider MyVenue. The partnership allows students to use their campus card and stored-value campus funds for purchases inside stadiums and arenas.
The integration adds MyVenue’s high-volume point-of-sale platform to Transact + CBORD’s campus commerce platform.
Designed specifically for hospitality environments, MyVenue supports mobile ordering, POS terminals, self-service kiosks, in-seat and suite catering. Its real-time back-office inventory and reporting helps venues serve more fans faster and streamline operations.
For students and fans, it means shorter queues, and for operators, it means greater oversight and improved efficiencies.
According to Transact +CBORD, most campuses manage dining and events with separate systems, creating friction for students and operational challenges for staff. This leads to long wait times, inconsistent payment experiences, and limited reporting and operational visibility.
This attempts to change that by providing a unified payment experience everywhere on campus without the need for a dedicated event card or payment tender.
“The partnership delivers a faster, unified commerce experience across campus and sporting facilities,” says Tim Stollznow, Founder and CEO of MyVenue. “For students and fans, it means shorter queues, and for operators, it means greater oversight and improved efficiencies.”
Colleges and universities deploying MyVenue, can simplify vendor onboarding and deployment by leveraging their existing Transact + CBORD network. By purchasing the solution directly from Transact + CBORD, the acquisition process can be streamlined.
“MyVenue stands alone in its ability to perform in high-volume, high-pressure environments where speed and reliability matter most,” says Chris Setcos, SVP of Partnerships, M&A, and Corporate Strategy at Transact + CBORD.
The Australia-based company’s solution is used at venues including Lumen Field, Ball Arena, AT&T Stadium, Dodger Stadium, and Little Caesar’s Arena. It also serves collegiate athletics, including University of Florida, Purdue University, and Michigan State University.
